CVE-2024-45826

HIGH Year: 2024
CVSS v3 Score
8.8
High
Weakness Type
CWE-610
View all →

Vulnerability Description

CVE-2024-45826 IMPACT Due to improper input validation, a path traversal and remote code execution vulnerability exists when the ThinManager® processes a crafted POST request. If exploited, a user can install an executable file.

Related Vulnerabilities

CVE-2021-27648

HIGH
CVSS:8.8(High)

Externally controlled reference to a resource in another sphere in quarantine functionality in Synology Antivirus Essential before 1.4.8-2801 allows remote authenticated users to obtain privilege via ...

CWE-6102021

CVE-2021-30245

HIGH
CVSS:8.8(High)

The project received a report that all versions of Apache OpenOffice through 4.1.8 can open non-http(s) hyperlinks. The problem has existed since about 2006 and the issue is also in 4.1.9. If the link...

CWE-6102021

CVE-2021-43844

HIGH
CVSS:8.8(High)

MSEdgeRedirect is a tool to redirect news, search, widgets, weather, and more to a user's default browser. MSEdgeRedirect versions before 0.5.0.1 are vulnerable to Remote Code Execution via specifical...

CWE-6102021

CVE-2022-24854

HIGH
CVSS:8.8(High)

Metabase is an open source business intelligence and analytics application. SQLite has an FDW-like feature called `ATTACH DATABASE`, which allows connecting multiple SQLite databases via the initial c...

CWE-6102022

CVE-2022-27593

CRITICAL
CVSS:9.1(Critical)

An externally controlled reference to a resource vulnerability has been reported to affect QNAP NAS running Photo Station. If exploited, This could allow an attacker to modify system files. We have al...

CWE-6102022

CVE-2024-32980

CRITICAL
CVSS:9.1(Critical)

Spin is the developer tool for building and running serverless applications powered by WebAssembly. Prior to 2.4.3, some specifically configured Spin applications that use `self` requests without a sp...

CWE-6102024